[c-nsp] 827 router as 'DMZ'

Dan dan at technc.com
Wed Apr 11 12:58:53 EDT 2007 

Jesse,

I only have one external IP.  So it looks like I'm stuck with having nat 
on the 827.  What I really wanted to do is to have all four of my dsl 
lines terminated on the 2801 router with the hwic 4esw.  I have explored 
that option and it will not work because of a limitation of the hwic.  
So I was looking for a cheaper solution that would allow me to use the 
827 router as a pppoe termination point and then I was going to use the 
2801 for nat.

Do you know of any other cheap solution that would work to terminate 4 
dsl lines and use the 2801 router for nat?

Thanks,
Dan.

Jesse Alexander wrote:
> Hi Dan,
>
> If you have a public /30 IP range available to use, then easiest way 
> is to assign e0 one IP and the other router's directly connected 
> interface the other usable IP, such as:
>
> int e0
> ip address 209.126.2.1 255.255.255.252
>
> On other router:
>
> int [insert]
> ip address 209.126.2.2 255.255.252
>
> That way, the two are directly connected and therefore know how to 
> route to each other.  You can then use NAT on the 2801.
>
> Otherwise, you can use private IP's between the two, but NAT will be 
> needed on the 827.
>
> Kinda hard not knowing what assets you have available to you for IPs 
> and such.
>
> What would be best is if you had, say, a public /29 netblock from your 
> ISP. That gives you 6 usable IPs.  Have them set the 1st usable for 
> your 827's interface that connects to your ISP's modem via mac address 
> of your 827 (depending on how your ISP does that ... mine needs the 
> mac address of my router, which is a 851).
>
> Then assign e0 the next available IP, and the 2801's interface that 
> directly connects to the 827 then next IP available in the series of 
> IPs you are allocated.
>
> I realize I have an 851 verses your 827, but I am certain that what 
> you want to do can be done.
>
> I can be of more help if I know more specifics.
>
> Sincerely,
>
> Jesse
>
> ----- Original Message ----- From: "Dan" <dan at technc.com>
> Cc: <cisco-nsp at puck.nether.net>
> Sent: Tuesday, April 10, 2007 2:19 PM
> Subject: [c-nsp] 827 router as 'DMZ'
>
>
>> Hello,
>>
>> I'm wondering if anyone has been able to setup an 827 router as a DMZ
>> router.  What I would like to be able to do is have this box connecting
>> to my ISP via PPPoE, then have the box forward all traffic through the
>> e0 interface into a port on my 2801 router where I would setup nat.  Is
>> this possible with this 827 router?
>>
>> Thanks,
>> Dan.
>>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>

More information about the cisco-nsp mailing list